A Website Image Could Crash Your Windows PC

This has been a tough month for people who are using older Windows Operating Systems, especially Windows 7 users.

The global Wannacry ransomware attack centered mostly on Windows 7 users, and now, a new attack has come to light that is making the lives of those users miserable all over again.

Actually, it would be a mistake to classify this as a new attack. More accurately, it’s an updated version of an ancient attack that used to be prevalent on Windows 95 and 98 machines called “ConCon.”

In terms of implementation, the usual way the attack is launched is that the hacker will feed the target’s computer with an invalid file name, most often an image file. By using a bogus path to a nonexistent image file, the target’s computer spends time churning in vain in an effort to locate something that’s just not there.

Doing that once creates a slight lag in system performance. Doing that often enough can cause a system to lock up or crash, giving the victim the classic “Blue Screen Of Death.”
Note that this kind of attack is designed to be purely disruptive. Its goal isn’t to hold the computer in question hostage, demand a ransom or steal data. All it’s designed to do is lock a user’s machine up, which makes this kind of attack somewhat less threatening than many of the others we’ve seen. It is, nonetheless, a disturbing development.

Microsoft has not issued a formal statement about the matter. It is not yet known whether the company will break with protocol as it did by issuing an emergency patch for Windows 7 users to help protect them from Wannacry, even though that version of the OS is no longer supported.

All of this underscores the importance of upgrading your old Windows Vista, 7 and 8 PCs to Windows 10 as quickly as possible, because Windows 10 machines are not affected by this attack.